From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page API:Protect and the translation is 29% complete.

Other languages:
Deutsch • ‎English • ‎dansk • ‎français • ‎português • ‎română • ‎русский • ‎ไทย • ‎中文 • ‎日本語 • ‎한국어


To change a page's protection level, a CSRF token is required. This token is the same for all pages, but changes at every login. CSRF tokens can be obtained via action=query&meta=tokens with type=csrf (MW 1.24+).

In previous versions of MediaWiki, a protect token was required (deprecated). This token is equal to the edit token and the same for all pages, but changes at every login. Protect tokens can be obtained via API:令牌 with type=protect (MW 1.20+), or by using the following method:

Obtaining a protect token (deprecated)


Pages can be protected with action=protect.


  • title: 您希望保护的页面。
  • pageid: 您希望保护页面的页面ID。 不能与title一起使用。 1.20+
  • token: A "csrf" token retrieved from action=query&meta=tokens (or as specified above).
  • protections: A pipe-separated list of protections, formatted as action=group, e.g. edit=autoconfirmed|move=sysop
    • If you want to remove a protection, use all as group, e.g. edit=all|move=sysop
    • If you leave out an action, the associated value won't be changed, i.e. edit=sysop leaves the move protection untouched.
  • expiry: Pipe-separated list of expiry timestamps in GNU timestamp format. The first timestamp applies to the first protection in protections, the second to the second, etc. The timestamps infinite, indefinite and never result in a protection that will never expire. Timestamps like next Monday 16:04:57 or 9:28 PM tomorrow are also allowed, see the GNU web site for details.
    • The number of expiry timestamps must equal the number of protections, or you'll get an error message
      • An exception to this rule is made for backwards compatibility: if you specify exactly one expiry timestamp, it'll apply to all protections
    • Not setting this parameter is equivalent to setting it to infinite
  • reason: (解除)保护的原因(可选)。
  • tags: Change tags to apply to the entry in the protection log. 1.27+
  • cascade: If set, pages transcluded in the protected page will also be protected. If the required user level to edit is lower than the required user level to protect (e.g. edit=autoconfirmed), cascading can't be enabled, and this parameter will be silently ignored.
    • The latter is to prevent people who shouldn't be able to protect pages from protecting them anyway by transcluding them in a page with cascading protection.
  • watch: If set, add the page being (un)protected to the current user's watchlist. 1.15+ (在1.17版本中已弃用)
  • watchlist: Unconditionally add or remove the page from the current user's watchlist, use preferences or do not change watch. 可能的值: watch, unwatch, preferences, nochange (默认: preferences) 1.17+


In this example, all parameters are passed in a GET request just for the sake of simplicity. However, action=protect requires POST requests; GET requests will cause an error.

Protecting the Main Page edit=autoconfirmed, move=sysop, the first expiring February 24, 2015 at 12:34:56, the second expiring March 25, 2015 at 13:06:20 with cascading protection enabled.

Protecting "Deletion log" create=sysop, expiring a 2 months from now


In addition to the usual stuff:

代码 信息
notitle title参数必须被设置。
notoken token参数必须被设置。
noprotections protections参数必须被设置。
invalidexpiry 终止时间“expiry”已过去。
This means the expiry timestamp was invalidly formatted, or is nonexistent (like November 31 or 24:05).
pastexpiry 终止时间“expiry”已过去。
toofewexpiries 提供了number个逾期时间戳,实际则需要number2个。
This error is misnamed: it's also thrown when you specify too many expiry times
cantedit You can't protect this page because you can't edit it
create-titleexists 现有标题不能通过create保护。
missingtitle-createonly 丢失标题只可以通过create保护。
protect-invalidaction 无效的保护类型“type”。
protect-invalidlevel 无效的保护级别“level”。